High-risk tools in Computer Use MCP Server
12 of the 16 tools in Computer Use MCP Server are classified as high risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at high risk
-
computer_double_clickExecuteDouble-click at the given coordinates.
-
computer_hold_keyExecuteHold down a key for a specified duration in seconds.
-
computer_keyExecutePress a key or key combination. Use xdotool key names:
-
computer_left_clickExecuteClick the left mouse button at the given coordinates.
-
computer_left_click_dragExecuteClick and drag from start coordinates to end coordinates.
-
computer_middle_clickExecuteMiddle-click at the given coordinates.
-
computer_mouse_moveExecuteMove the mouse cursor to the given coordinates without clicking.
-
computer_right_clickExecuteRight-click at the given coordinates.
-
computer_scrollExecuteScroll at the given coordinates in the specified direction.
-
computer_triple_clickExecuteTriple-click at the given coordinates (select a line of text).
-
computer_typeExecuteType a text string at the current cursor position.
-
computer_waitExecuteWait/pause for a specified duration in seconds. Useful to let UI settle.
Attacks that target this class
High-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.